Tag: Technology

I noticed after I installed OS X Tiger that my laptop was no longer going to sleep when it was idle. It wasn’t even dimming the display. I don’t mind it not going to sleep—sometimes I like to ssh into it from work. But not dimming the display isn’t cool. After a few days of idly poking around, I’ve figured out what the problem is, although I’m not sure yet where the fault lies.

I have a Wacom Graphire pen tablet that I bought so I could do photo retouching with something better than a trackpad or mouse. It came with a mouse, too, so I’ve been using it as a mouse for my laptop when it’s on my desk. It turns out that if the mouse is on the tablet, the energy saver won’t kick in. The mouse doesn’t have to be moving. It just has to be on the tablet.

When I run “top”, I can see that when the mouse isn’t on the tablet, the TabletDriver uses no CPU. When the mouse is on the tablet, TabletDriver uses between 1% and 2% CPU, regardless of whether the mouse is being used. I figure this is related to the problem with the energy saver. I just don’t know if it’s a problem with the latest tablet driver, or with Tiger.

Luckily, I have another laptop that’s running 10.3, and I can install the old tablet driver on it. Then I can upgrade the tablet driver. That’ll pin down whether it’s a problem with the driver or with Tiger, and I’ll know who I should send my bug report to.

There’s a new version of Pine, 4.63, out today. I’ve updated MacPine accordingly. I gave it a quick test on MacOS X Tiger, which was also released today (or will be in an hour, anyway), and it appears to work. So, hooray. Still no ssl certificates included with the base OS X installation, though, which continues to baffle me. Eh. I have a installer for those that should still work.

This is the copyright notice on the collection of Kage Baker short stories I just bought from Fictionwise (actually, I didn’t buy it from Fictionwise, I bought it from Diesel eBooks, but it’s a Fictionwise publication):

NOTICE: This eBook is licensed to the original purchaser only. Duplication or distribution to any person via email, floppy disk, network, print out, or any other means is a violation of International copyright law and subjects the violator to severe fines and/or imprisonment. This notice overrides the Adobe Reader permissions which are erroneous. This book cannot be legally lent or given to others.

I would have copied and pasted that notice directly from the file, but when I tried to do that, Acrobat Reader warned me that I could only copy three selections from the document in the next two days, and I didn’t feel like wasting one of my allowed operations on the copyright notice.

Isn’t technology great? Public libraries, used bookstores, and people who borrow books from their friends are a real blight on the publishing industry. It’s nice to see that with eBooks they can finally shut down those fucking freeloaders.

I got Brother P-Touch 1950 label printer recently, because there’s a lot of stuff in the house that could benefit from a label that isn’t made of masking tape and a sharpie scrawl. In addition to being a nifty standalone label machine, this one has a USB port so it can act as a printer. That functionality is Windows-only, and according to Brother, there are no plans to release printer drivers for any other operating system. I don’t see why not—some of their other models work under MacOS and Windows.

So I installed Windows XP under VirtualPC on my laptop and (once I’d discovered that USB only works right when I run VirtualPC from MacOS 9; under MacOS X I just couldn’t get it working) a USB sniffer with which to grab some information about how Windows is driving the device.

The theory is, if I can figure out what commands Windows sends the printer, I should be able to send those same commands from MacOS X or Linux, and have the printer work there, too. I’m having some difficulties with the userland USB utilities I’ve found for sending data over USB, but I won’t go into that here.

So, I’ve made some progress on the data that Windows is sending to the printer. I’m pretty sure it’s some sort of run-length-encoded bitmap data, but I’d love a second opinion. The printer appears to have a single-column print head (or a single line, if you’re looking at it in the direction of the paper feed). It prints 180dpi bitmaps. As far as I can tell, the data that’s being sent to it represents the bitmap it’s printing, in bottom-to-top, left-to-right order. Or, if you put it on its side and think of it as a dot matrix printer, it’s printing left to right, top to bottom.

I’ve been looking for good web-based recipe management software, and I’m having a hell of a time finding what I want. I don’t need nutritional information for each meal, although that’d be handy. I don’t need it to export a web site full of recipes (although having a read-only mode so people could browse without being able to change anything would be nice). I do need to be able to import Meal-Master format recipes, and ideally export them in that format too. I’d like to be able to add notes to a recipe, and create links between recipes that work well together. I’d like to be able to rate and categorize recipes, and search based on rating, category, ingredients, etc. It would be nice if recipes could be systemwide, but ratings and annotations could be per-user (and visible to other users or not, configurable).

Largo Recipes looks promising, but it’s written in Java, and I haven’t been able to get Java to work reliably under OpenBSD.

ReciPants is probably my best bet. It’s written in Perl, so I can hack on it without having to learn a new language, and its planned feature list meshes well with what I’d like to see in a recipe application. Unfortunately, it doesn’t look like there’s been any work done on it in almost a year, so I’d have to hack on it myself. I was kind of hoping someone had already made something.

Hmm. Actually, using a different search on freshmeat just now turned up PHPRecipeBook, which looks pretty good. Maybe I’ll give that a try.

What I’d really like, I suspect, is MacGourmet. Only web-based and multi-user.

Elsewhere was on and off the network last night between midnight and 6am. I had expected the firewall reconfiguration to take around an hour, max. Six hours was not what I expected. I am pissed at the reason why. Also, sleepy.

I was going to beat myself up about having missed the obvious clue that what I was trying to do wasn’t going to work, but I see now that it wasn’t so obvious after all. Here’s what happened:

The free firewall software we use at work is based on Gibraltar a commercial linux-based firewall which gives away their base operating system, a handy bootable CD with all the linux you’d need to roll your own firewall, for free. Up through version 2.0, the base system wasn’t crippled in any way. Unbeknownst to me, version 2.1 introduced mandatory licensing.

I wanted to build a firewall using a feature only available, as far as I can tell, in version 2.1, so I made a disc, booted the firewall using it, updated the Shorewall package (which should have been my first clue that something was wrong: the release notes for Gibraltar 2.1 indicate that Shorewall was upgraded to a relatively recent version, but when I tried to use it, I noticed that it was the same old version that had been in 2.0), and configured Shorewall in a way that I thought would work.

It worked halfway. The bridge between the outside network and the DMZ was passing traffic just fine, but I couldn’t get traffic from the private network out via the NAT I thought I’d configured. Since I’ve never actually gotten Shorewall working before, I figured this was an error in the way I’d configured it, and tackled the problem that way for three or four hours. Eventually I got the Shorewall configuration into such a simple state that it really should have worked. Even with my limited understanding, I could see that. So something else was wrong.

Once I started looking elsewhere, it became obvious. The kernel was configured not to allow ip forwarding. Normally you can turn that option on and off, but when I turned it on, it remained off. So I hit google to see if anybody else had noticed that. Yes, they had. That’s by design. It’s how the folks at Gibraltar enforce their licensing requirement. I could, if I wanted, ask them for a free license, and they’d give me one. But it wasn’t going to work out of the box, period.

I spent some time trying to get my Shorewall configuration to work with Gibraltar 2.0, which wasn’t going to work either, and finally just rewired the network so that I could give up and go to bed. I blamed myself for having ignored the notice at http://www.gibraltar.at/content/free_gibraltar which reads “Attention: Without a valid license file, Gibraltar will not run properly!” But now I see that I didn’t have any reason to even see that page last night. I went from their home page to Get Gibraltar to Download without ever seeing that warning. And even if I’d seen it, I probably would have assumed that it meant the configuration interface (which I’m not using) was crippled, not that they’d messed with the kernel.

I’m not too happy about that. I really could have used the sleep.

On the bright side, I’m pretty sure that I have a much better understanding of how to do what I want using Shorewall now, and when I get a linux distribution on that system that isn’t intentionally crippled by its vendor, I’m pretty sure it’ll work.

I’m teaching myself how to use iptables now. It’s not something I particularly want to be good at, but if I’m going to get my home network set up the way I want, I think I’ll have to be.

There are between six and eight machines active in this house, depending on what’s going on. I have three static IP addresses, although I’d like to cut that down to two, since the third costs me $6/month. I’d like for my firewall machine to act as both a filtering bridge to one system (eldorado, which provides web/email/etc services for a bunch of domains), as a port forwarder into an internal system which will provide virtual mail accounts (currently this is also eldorado, but I’d like to move it to another system), and as masquerading NAT for everything else. So far, I haven’t found any examples of firewall scripts that do all of this. But I have examples of each part. My job now is to understand them enough to merge them.

Whee!

Oh, yeah, and I’d like to be able to apply some traffic shaping so my ssh sessions don’t go to hell whenever someone’s downloading something large.

This is slightly inconvenient, as packages may trigger dependencies, and you may have to remove a large subset of packages for an update.

Slightly inconvenient? Really? I’d hate to see what they consider a pain in the ass.

I hate package management systems (rpm, apt, fink, ports, whatever). Why am I using OpenBSD’s ports, then? Because apache is part of the operating system in OpenBSD, which means it’s a pain in the ass not to use the ports for things like PHP. And if I’m using ports for one thing, it really makes sense to try to use them for everything, because if I install something by hand and then a port depends on it and tries to install the dependency but can’t because I’ve already installed it… gah. It makes my head hurt.

I’m this close to going back to using Slackware and managing everything myself.